Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Low-code and no-code technologies are being embraced across the world, but there’s one LCNC platform that stands out, with significant growth and enterprise adoption – and that’s Microsoft’s Power Platform.

Are you worried about rolling out Microsoft Teams? Are you concerned that users may accidentally share the wrong information with Team members? Your concern is justified with 56% of insider incidents caused by employee or contractor negligence at a cost of $484,931 per incident (2022 Ponemon Cost of Insider Threats Global Report).

We create massive amounts of data daily, from the exercise stats compiled by our wearable devices to smart meters used at our homes to reduce expense consumption to maintenance statistics of critical systems in industrial settings. If data creation continues at its present rate, more than a yottabyte (a million trillion megabytes) will likely be generated annually by 2030.

The concept of least privileged access has been around for a while and is widely understood. However, overprivileged users with more rights than necessary, such as administrators, continue to be a common source of breaches. It’s such a concern that the restriction of administrative privileges is included as one of the Australian Government’s Essential Eight Maturity Model to mitigate cybersecurity incidents.

As digital transformation continues to blossom and cloud adoption increases, we continue to see challenges crop up when it comes to traditional DLP solutions. Setting aside the architectural and operational complexity and high cost that comes with traditional DLP, practitioners recognize that existing tools aren’t able to keep up.

So far in this series, we’ve looked at the importance of securing an organization’s network, application components, and the endpoints that support them. In this post, we’ll look at the following best practices for protecting the different types of data that flow through these components. But first, we’ll look at how modern applications process and manage data, as well as common weaknesses and security threats to these systems.

2022 saw privacy truly take hold in the U.S., while Europe buttressed its position as the global leader and other regions worked to get up-to-speed with new or amended laws.

Organizations are unaware of the prevalence of API keys and secrets throughout their systems, and how their users are sharing and using them. Even with security best practices and policies in place, the lack of awareness or compliance, as well as the possibility of human error means that API keys and secrets need protection regardless of where they are stored or shared.

Just-in-time (JIT) access is a cybersecurity feature where users, applications, or systems are granted access to resources only when needed and for a limited time. This approach limits the risk of privileged accounts gaining unauthorized access to sensitive data. JIT access is often used in conjunction with other security measures—such as multi-factor authentication and encryption—to provide a strong, layered defense against threats.

Hello everyone! I’m Yuval Adler, Customer Success Director at Zenity. I’m inviting you to read my blog series where I share new Microsoft Power Platform DLP Bypass findings we uncovered.